/*
 *
 *      Copyright (c) 2018-2025, lengleng All rights reserved.
 *
 *  Redistribution and use in source and binary forms, with or without
 *  modification, are permitted provided that the following conditions are met:
 *
 * Redistributions of source code must retain the above copyright notice,
 *  this list of conditions and the following disclaimer.
 *  Redistributions in binary form must reproduce the above copyright
 *  notice, this list of conditions and the following disclaimer in the
 *  documentation and/or other materials provided with the distribution.
 *  Neither the name of the pig4cloud.com developer nor the names of its
 *  contributors may be used to endorse or promote products derived from
 *  this software without specific prior written permission.
 *  Author: lengleng (wangiegie@gmail.com)
 *
 */

package com.zxp.common.core.constant.module;

/**
 * 安全模块
 * @author lengleng
 * @date 2017-12-18
 */
public interface SecurityConstants {

	/**
	 * 安全模块的名称
	 */
	String SECURITY_MODULE_NAME = "zxp-d-security";

	/**
	 * 启动时是否检查Inner注解安全性
	 */
	boolean INNER_CHECK = true;

	/**
	 * 刷新
	 */
	String REFRESH_TOKEN = "refresh_token";

	/**
	 * 验证码有效期
	 */
	int CODE_TIME = 60;

	/**
	 * 验证码长度
	 */
	String CODE_SIZE = "4";

	/**
	 * 角色前缀
	 */
	String ROLE = "ROLE_";

	/**
	 * 前缀
	 */
	String PIGX_PREFIX = "pigx_";

	/**
	 * token 相关前缀
	 */
	String TOKEN_PREFIX = "token:";

	/**
	 * oauth 相关前缀
	 */
	String OAUTH_PREFIX = "oauth:";

	/**
	 * 授权码模式code key 前缀
	 */
	String OAUTH_CODE_PREFIX = "oauth:code:";

	/**
	 * 项目的license
	 */
	String PIGX_LICENSE = "made by zxp";

	/**
	 * 内部
	 */
	String FROM_IN = "Y";

	/**
	 * 标志
	 */
	String FROM = "from";

	/**
	 * OAUTH URL
	 */
	String OAUTH_TOKEN_URL = "/oauth/token";

	/**
	 * 手机号登录URL
	 */
	String SMS_TOKEN_URL = "/mobile/token/sms";

	/**
	 * 社交登录URL
	 */
	String SOCIAL_TOKEN_URL = "/mobile/token/social";

	/**
	 * 自定义登录URL
	 */
	String MOBILE_TOKEN_URL = "/mobile/token/*";

	/**
	 * 微信获取OPENID
	 */
	String WX_AUTHORIZATION_CODE_URL = "https://api.weixin.qq.com/sns/oauth2/access_token"
			+ "?appid=%s&secret=%s&code=%s&grant_type=authorization_code";

	/**
	 * 微信小程序OPENID
	 */
	String MINI_APP_AUTHORIZATION_CODE_URL = "https://api.weixin.qq.com/sns/jscode2session"
			+ "?appid=%s&secret=%s&js_code=%s&grant_type=authorization_code";

	/**
	 * 码云获取token
	 */
	String GITEE_AUTHORIZATION_CODE_URL = "https://gitee.com/oauth/token?grant_type="
			+ "authorization_code&code=%S&client_id=%s&redirect_uri=" + "%s&client_secret=%s";

	/**
	 * 开源中国获取token
	 */
	String OSC_AUTHORIZATION_CODE_URL = "https://www.oschina.net/action/openapi/token";

	/**
	 * 码云获取用户信息
	 */
	String GITEE_USER_INFO_URL = "https://gitee.com/api/v5/user?access_token=%s";

	/**
	 * 开源中国用户信息
	 */
	String OSC_USER_INFO_URL = "https://www.oschina.net/action/openapi/user?access_token=%s&dataType=json";

	/**
	 * {bcrypt} 加密的特征码
	 */
	String BCRYPT = "{bcrypt}";

	/**
	 * sys_oauth_client_details 表的字段，不包括client_id、client_secret
	 */
	String CLIENT_FIELDS = "client_id, CONCAT('{noop}',client_secret) as client_secret, resource_ids, scope, "
			+ "authorized_grant_types, web_server_redirect_uri, authorities, access_token_validity, "
			+ "refresh_token_validity, additional_information, autoapprove";

	/**
	 * JdbcClientDetailsService 查询语句
	 */
	String BASE_FIND_STATEMENT = "select " + CLIENT_FIELDS + " from sys_oauth_client_details";

	/**
	 * 按条件client_id 查询
	 */
	String DEFAULT_SELECT_STATEMENT = BASE_FIND_STATEMENT + " where client_id = ? and del_flag = 0 and tenant_id = %s";

	/**
	 * 资源服务器默认bean名称
	 */
	String RESOURCE_SERVER_CONFIGURER = "resourceServerConfigurerAdapter";

	/**
	 * 客户端模式
	 */
	String CLIENT_CREDENTIALS = "client_credentials";

	/**
	 * 用户ID字段
	 */
	String DETAILS_USER_ID = "id";

	/**
	 * 用户名
	 */
	String DETAILS_USERNAME = "username";

	/**
	 * 用户基本信息
	 */
	String DETAILS_USER = "user_info";

	/**
	 * 用户名phone
	 */
	String DETAILS_PHONE = "phone";

	/**
	 * 头像
	 */
	String DETAILS_AVATAR = "avatar";

	/**
	 * 用户部门字段
	 */
	String DETAILS_DEPT_ID = "deptId";

	/**
	 * 租户ID 字段
	 */
	String DETAILS_TENANT_ID = "tenantId";

	/**
	 * 协议字段
	 */
	String DETAILS_LICENSE = "license";

	/**
	 * 激活字段 兼容外围系统接入
	 */
	String ACTIVE = "active";

	/**
	 * AES 加密
	 */
	String AES = "aes";

	/**
	 * 请求头token标识
	 */
	String AUTHORIZATION = "Authorization";

	/**
	 * 请求头接收标识
	 */
	String ACCEPT = "Accept";

	/**
	 * token名称
	 */
	String TOKEN_NAME = "token";

	/**
	 * token类型
	 */
	String TOKEN_TYPE_BEARER = "Bearer";

	/**
	 * 未知标识
	 */
	String UNKNOWN = "Unknown";

	/**
	 * 默认包名
	 */
	String DEFAULT_PACKAGE_NAME = "com.zxp";

	/**
	 * 默认密码
	 */
	String DEFAULT_PASSWORD = "123456";

	/**
	 * 请求号在header中的唯一标识
	 */
	String REQUEST_NO_HEADER_NAME = "Request-No";

	/**
	 * 验证码键值
	 */
	String CAPTCHA_SESSION_KEY = "capcha";
	int CAPTCHA_EXPIRED_TIME = 5*60; //失效时间： 5分钟

	String PARAM_IMAGE_CODE="code"; // 图片验证码的请求参数：验证码， 用户名username 密码： password 记住我 remember-me保持默认

	String PARAM_SMS_PHONE="phone"; // 短信验证码的请求参数： 手机号
	String PARAM_SMS_CODE="smsCode"; // 短信验证码的请求参数： 验证码

	String LOGIN_ACTION_MOBILE="/login/mobile"; // 手机验证码登陆post请求的地址
	String LOGIN_ACTION="/login"; // 普通登陆post请求的地址，与Springsecurity保持一致

	String SMS_LOGIN_CODE_KEY=":CODE"; // 发送短信验证码
	String SMS_LOGIN_COUNT_KEY=":COUNT"; // 发送短信验证码，记数
	/**
	 * 图片验证码 uuid--验证码， uuid身份保存在cookie中，cookie的名字,可以一直保存着
	 */
	String CAPTCHA_COOKIENAME_UUID = "capcha-uuid";

	/**
	 * 放开权限校验的接口
	 */
	String[] NONE_SECURITY_URL_PATTERNS = {

			//前端的
			"/assets/**",
			"/favicon.ico",

			//swagger相关的
			"/doc.html",
			"/webjars/**",
			"/swagger-resources/**",
			"/v2/api-docs",
			"/v2/api-docs-ext",
			"/configuration/ui",
			"/configuration/security",

			//flowable工作流相关的
			"/designer/**",
			"/app/rest/**",

			//后端的
			"/",
			"/403",
			"/404",
			"/500",
			"/login",
			"/logout",
			"/code/**", // 验证码：图片验证码、手机验证码
			"/oauth/**",
			"/global/sessionError",
			"/error",
			"/global/error",

			//文件的
			"/sysFileInfo/upload",
			"/sysFileInfo/download",
			"/sysFileInfo/preview",
			"/sysFileInfo/onlineEditHtml",
			"/sysFileInfo/track",

			//druid的
			"/druid/**",

			//支付相关的
			"/aliPay/**",
			"/wxPay/**",

			//获取租户列表
			"/getTenantOpen",
			"/tenantInfo/listTenants",

			//WebSocket
			"/webSocket/**"
	};

}
